Solve Ceph Clock Skew error

Monitors can be severely affected by significant clock skews across the monitor nodes. This usually translates into weird behavior with no obvious cause. To avoid such issues, you should run a clock synchronization tool on your monitor nodes by default the monitors will allow clocks to drift up to 0.05 seconds.

This error can be seen using:

# ceph -s
# ceph health detail

Tags: 

Cloning a Ceph client auth key

I don't recall any reason to do this other than using the same user and auth key to authenticate in different Ceph clusters, like in a multi-backend solution, or just because things get messy when you are not using a default configuration.

Sometimes, things gets easy when we use the same user and auth key on both clusters for services to connect to, so lets see some background commands for managing users, keys and permissions:

Create new user and auth token (cinder client example):

Export instance from OpenStack with Ceph/rbd backend.

Suppose that you want to migrate an instance from differents infrastructures or you want to handover and instance information to a client, so you need to recover (export) the instance volumes information.

Step 1: Get the instance UUID.

Testing juju environment inside LXC container

I thing we pass the part of what juju is and how it works, so I'll post direct commands and configurations of how getting the environment working inside a LXC container, created just for juju, not the local configuration that creates and LXC container, in other words, out host server does not have any juju package.

Some links to read in case you need more info, or you can post a question.

Cinder Volume Transfer

Let's assume you want to change ownership of volume from Tenant_A to Tenant_B.

Step 1: Tenant A will initiate an Ownership Transfer which will enable another tenant to take ownership of it.

$ source openrc Tenant_A Tenant_A
$ cinder transfer-create [volume_id]

An Authentication Key and a Transfer ID are returned here.

Step 2: Tenant B needs to accept the Transfer using the Transfer ID and The Authentication Keygenerated above.

The real problem behind highly transactional applications.

An architecture trying to respond a least 10000 concurrent connections per second, is trying to solve the C10K problem, even if this is so last decade is still breaking servers, architectures and configurations, giving to sysadmins real headaches and not always because of real connections, also for basic DDoS attacks (pretty much is the same concept: lots and lots of new connections to the same service).

Why companies should embrace OSS and the DevOps movement.

It’s not a secret that the best and most competitive technologies today exist in the world are based on some Open Source component, maybe the Linux kernel, GNU/Linux operating system, a version of BSD, modules, drivers, or the programming language is completely free or have a free compiler or interpreter.

Free EL YUM Repositories

If you are using some flavor of an Enterprise Linux, eventually will get tired of download rpm packages from Here BTW, is a really great page when you don't have access to FTP services (damn telecom/security guys).

And eventually, you will need to have repositories on your server to solve the dependencies.
Here are some free repository provided by Oracle for FREE, but of course, with NO SUPPORT.

[Solved] su: /bin/bash: Permission denied

New user created as:

groupadd mygroup
useradd -s /bin/bash -g myuser -m -k /dev/null myuser

When trying to log in:

[root@vserver~]# su - myuser
su: /bin/bash: Permission denied

Solution:

[root@vserver~]# chmod 755 /bin
[root@vserver~]# su - myuser
[myuser@vserver~]$

SSH login without password

Supose you want to use Linux and OpenSSH to automize your tasks or you just don't want to type the password everytime you connect to a server.
You can solve this issue by doing this.

Scenario:
skyline wants to connect to veyron using ssh without password.

By default the ssh command has an order to check for autentications: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password

Tags: 

Pages

Subscribe to Headup RSS